<?php
/**
 * 密码登录
 */

$json = array('status' => 'error', 'msg' => 'error', 'data' => []);

$phone = fn_post('phone');
$pwd = fn_post('pwd');

if (!preg_match('/^1\d{10}$/', $phone)) {
	$json['msg'] = '手机格式错误!' . $phone;
} elseif (strlen($pwd) < 6) {
	$json['msg'] = '密码格式错误!';
} elseif (!$this->website['class']['db']
		->table('user')
		->where('phone = ? and authority=0', $phone)
		->count()) {
	$json['msg'] = '未找到用户信息，请检查手机号密码!';
} else {
	$user = $this->website['class']['db']
		->table('user')
		->where('phone = ? and authority=0', $phone)
		->one();
	if ($user['visible'] == '0') {
		$json['msg'] = '已禁用!';
	}if (!($user['pwd'] ?? false)) {
		$json['msg'] = '未知手机号!';
	} elseif (password_verify($user['id'] . $pwd, $user['pwd'])) {
		unset($user['pwd']);
		$json['status'] = 'ok';
		$json['msg'] = '登录成功';
		$user['token'] = password_hash($user['id'] . $this->website['safe']['key'] . date('Y'), PASSWORD_DEFAULT);

		unset($user['pwd']);
		$json['data'] = $user;

	} else {
		unset($user['pwd']);
		$json['msg'] = '登录失败,重新输入用户名或密码!';
	}
}

$this->json_encode_encrypt($json);
